From e9b0636c2c50c2aa9fc8d522469fbd96cfd7ccf0 Mon Sep 17 00:00:00 2001
From: Artem Zakharchenko <kettanaito@gmail.com>
Date: Sun, 27 Oct 2024 11:06:01 +0100
Subject: [PATCH] fix: enable provenance for publishing (#2334)

---
 .github/workflows/release.yml | 3 +++
 release.config.json           | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 7ed8349f9..e90648388 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -8,6 +8,9 @@ on:
 jobs:
   release:
     runs-on: macos-latest
+    permissions:
+      contents: read
+      id-token: write
     steps:
       - name: Checkout
         uses: actions/checkout@v3
diff --git a/release.config.json b/release.config.json
index 112b4ae97..8a27b7be2 100644
--- a/release.config.json
+++ b/release.config.json
@@ -2,7 +2,7 @@
   "profiles": [
     {
       "name": "latest",
-      "use": "pnpm publish --no-git-checks"
+      "use": "NPM_CONFIG_PROVENANCE=true pnpm publish --no-git-checks"
     }
   ]
 }